MSK.
Sr. Information Security Analyst | Cybersecurity GRC
I'm Madhava Sai Kolluri — a Sr. Information Security Analyst with 9+ years of experience that started in data operations and grew into full-scale cybersecurity governance, risk management, and cloud security.
I've built SSPs from scratch, led risk assessments that uncovered real control deficiencies, and driven POA&M remediation that consistently closed findings ahead of schedule. Whether it's writing security controls, coordinating with engineering, or sitting across from auditors — I focus on delivering documentation and governance outcomes that actually hold up under scrutiny.
Timeline // Protocol History
Professional journey and career milestones
Sr. Information Security Analyst
Alipro — Remote, Bloomington, IL
Writing and maintaining full SSP and IT control documentation for an Azure-hosted platform. Drove end-to-end NIST RMF activities that helped clear ATO two weeks ahead of schedule. Mapped 200+ controls to NIST SP 800-53 families, cutting audit prep time by 40%.
Sr. Information Security Engineer Analyst
United Health Group (Optum) — Hyderabad, India
Developed and maintained SSPs for FISMA-regulated healthcare platforms compliant with NIST SP 800-53, MARS-E, and ARC-AMPE. Supported A&A processes helping three major systems achieve ATO on time. Created golden templates that cut SSP drafting time by 30%.
Sr. Reporting Analyst
Infinity Education Consultants — Hyderabad, India
Managed IAM and access governance for an Azure PaaS CRM. Designed Entra ID RBAC models, enforced MFA and Conditional Access policies, reducing unauthorized access attempts by 60%. Monitored identity alerts via Microsoft Sentinel.
AWS Cloud Security Engineer
Storyqube / Voiceqube — Hyderabad, India
Engineered cloud security controls for a voice-based mobile platform on AWS. Hardened S3 buckets with encryption and access policies. Implemented centralized logging via CloudTrail and CloudWatch for anomaly detection.
Associate
Wipro / Google — Hyderabad, India
Verified and enriched geospatial datasets across 5+ map enhancement projects. Proposed a validation checklist adopted by the team that reduced error rates by 20%.
Skill Matrix // Core Competencies
Technical expertise and domain knowledge
GRC & Compliance
Proficiency
Cloud Security
Proficiency
IAM & Zero Trust
Proficiency
A&A & ATO
Proficiency
SIEM & Monitoring
Proficiency
Tools & Reporting
Proficiency
Operation Log // Key Projects
Recent projects and successful implementations
ATO Acceleration — Azure
Drove NIST RMF from FIPS 199 through continuous monitoring. Mapped 200+ controls, cleared ATO two weeks early with 95% acceptance.
Enterprise Healthcare SSP
Built SSPs for FISMA-regulated healthcare platforms at Optum. Created golden templates cutting drafting time by 30%. Helped 3 systems achieve ATO.
IAM Governance — Azure CRM
Designed Entra ID RBAC models, enforced MFA and Conditional Access. Reduced unauthorized access by 60%.
AWS Cloud Hardening
Engineered security controls for voice platform. Hardened S3 with SSE-KMS, implemented CloudTrail logging.
Security Dashboards
Built Power BI dashboards consolidating incident, access review, and remediation data for leadership KPI visibility.
POA&M Remediation Engine
Managed POA&M register end-to-end, coordinating with engineering to close 15 findings in under two months. 90%+ resolved within target timelines.
Vibe Coding
Developing AI-powered GRC compliance dashboard
Credentials // Learning Journey
Education
B.Tech — Computer Science
JNTU Hyderabad
Professional Certifications
CompTIA Security+
Optum Corporate Training
CC — Cybersecurity
ISC2
SAFe Scrum Master 6.0
SAFe Agile
Azure Admin AZ-104
Udemy
CCSP — In Progress
ISC2